-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4320-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 16, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : asterisk CVE ID : CVE-2018-7284 CVE-2018-7286 CVE-2018-12227 CVE-2018-17281 Debian Bug : 891227 891228 902954 909554 Multiple vulnerabilities have been discovered in Asterisk, an open source PBX and telephony toolkit, which may result in denial of service or information disclosure. For the stable distribution (stretch), these problems have been fixed in version 1:13.14.1~dfsg-2+deb9u4. We recommend that you upgrade your asterisk packages. For the detailed security status of asterisk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/asterisk Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlvGXNoACgkQEMKTtsN8 TjbGhg//U2VXMBk8yKPd2djMyQXpPoSr1ss1tJh5tTUIB9a/K+woSZjEhHvyd4Ws 9sbAGuGsUcIMBYfbjwYpyeHFV9BptUaKj0s5b3hw5qS3Hpj4MFpwU3ZF4PIwT0hk H632ETf6w8Slhx0oJbj35JAUhMXzqZrkA+Mkf+9HMbMWH6uaJW+Yr+g669ZXC1U8 AgfKUFIdPDg2QbkgjHyyOX+eFQvD3QfSVxR9lsZw8N5bdfaKnwUMM4rTM4WKn2lI +gwZJ6mxQupvSXAz5+EoPEWIyPDhaiBrrU9P/950LnxZograRY3WKSqnCTp5l+hb JLC9OkOXgdonIMUZAgAyNx42AVqMQrIImdY66AVYQc5OeWrSWyjegKgmrN5Ww42o BgMd0W2l73RyaSqijExbfUVxezzfjThC3P4NLLXHKZxKsB2ls4Ikqy2c3OTRW5+Z 9W5NpOs3qQPZDakYwnRlta445fChd84HDQQRUBnLPH0stYOaNIjWTntqHUfzc1q2 kdm5PQ7ObHZZlqKIOACxCqQkHotZAQTsLeRkzikScR6LHEzXSdjt5SiGCOgrOUV0 5PKtt2TBsIbx8hV6pzyC4RVtJzcwAaYzvcBXCgz01Q+HvckdDCXsP+qLhiFR4y6e jvghwuVDsEjrOPRwI+H2meTckH6BPSLor3rtFHkbJfn8JGHcBeM= =/NZY -----END PGP SIGNATURE-----